security:
    encoders:
        Mtt\UserBundle\Entity\User:
            algorithm: sha384
            iterations: 3600
            encode_as_base64: false

    providers:
        user_db:
            entity:
                class: Mtt\UserBundle\Entity\User
                property: username

    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

        login_firewall:
            pattern:   ^/login$
            anonymous: ~
            logout_on_user_change: true

        default:
            pattern: ^/
            anonymous: ~
            form_login:
                provider:   user_db
                login_path: /login
                check_path: /login_check
            logout:
                path:   /logout
                target: /login
            logout_on_user_change: true
            wsse:
                lifetime: "%wsse_token_lifetime%"

    access_control:
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }
        - { path: ^/telegram, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }
        - { path: ^/webhook, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }
        - { path: ^/, roles: ROLE_USER, requires_channel: https }
